Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

CVE-2021-42135

A flaw was found in the HashiCorp vault. Affected versions may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. In some situations, users may have more privileges than intended...

CVE-2021-42135

CVE-2021-42135 affects HashiCorp Vault and Vault Enterprise 1.8.x–1.8.4, describing an unexpected interaction between glob-related policies and the Google Cloud secrets engine. The root cause is a policy-glob interaction that may grant more privileges than intended, e.g., a user with read access ...

PT-2020-13247 · Hashicorp +1 · Hashicorp Vault +2

Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions 1.4.0 through 1.4.1 Description: The issue arises when HashiCorp Vault and Vault Enterprise are configured with the GCP Secrets Engine, potentially leading to the incorrect generation of GCP...